[Nets-seminars] talk by Andrea Bittau (Stanford, ex-UCL), Monday, 3rd March, 4 PM

Brad Karp B.Karp at cs.ucl.ac.uk
Sun Mar 2 20:22:18 GMT 2014 

Greetings, everyone.

Andrea Bittau (who completed his PhD in our group in 2009, and has
since been a researcher at Stanford) will be visiting us tomorrow,
Monday, the 3rd of March.

Andrea is interviewing for faculty positions this year, and will be
giving a practice talk for his job talk.

Please join us to help give Andrea feedback on this very important
talk!

Abstract, title, and bio follow.

-Brad, bkarp at cs.ucl.ac.uk

---

Speaker: Andrea Bittau, Stanford University CS

Time and place: 4 PM, Monday 3rd March, Roberts 105b

Title: Challenges in Attacking and Securing Systems

Abstract:

I'll present the Blind Return Oriented Programming (BROP) attack as a
case study for some of the challenges attackers face when exploiting
systems. These challenges can be used to the defender's advantage when
trying to build simpler, more deployable security solutions. The BROP
attack also shows that in some cases, it is possible for attackers to
target proprietary services for which both the target binary and
source code are unknown, therefore making security-through-obscurity a
less effective defense. The BROP attack requires a stack vulnerability
and a server process that restarts after a crash (e.g., Apache, nginx,
MySQLd). It can automatically generate an exploit within 4,000
requests (a few minutes) against vulnerable applications running on
modern 64-bit Linux systems with ASLR, NX and canaries enabled.

One of the lessons learned from BROP is to try to design systems that
provide some memory protection. Unfortunately, it is not clear how to
implement such systems efficiently. To this end, I'll present Dune, a
system that enables building fast, hardware-enforced security systems
in user-space. Using hardware virtualization, it exposes privileged
CPU features to standard Linux applications in a safe manner. Dune
applications can now use hardware ring protection, quickly intercept
system calls, and manipulate page tables directly for memory
protection. Dune makes it possible to build security systems that
would otherwise be impractical or would run too slowly.

More information about the Nets-seminars mailing list